Warning: new code of virtual money digging is available via Facebook Messenger

Security researchers from Trend Micro have discovered a new virtual money code that is attacking users via Facebook Messenger called FacexWorm. This malicious code is aimed at those who participate in playing virtual money to steal their accounts.

How to operate virtual money digging code FacexWorm.(Photo: THE HACKER NEWS)

FacexWorm lurks as a Chrome browser extension and works by sending links via Facebook Messenger to infected account friends to redirect victims to fake websites like YouTube. Users will then receive a notification to download an extension on Chrome like a decoding program for the browser to continue playing the video.

If the user follows, FacexWorm will be installed on the machine and then it will automatically download additional components from the remote control server to execute malicious processes.

According to the researchers, the malicious code could steal users' account information when they log in to Google and pre-encrypted sites, taking advantage of the victim's CPU to dig virtual money, cash trading sessions. virtual user, .

Researchers at Trend Micro added that some of the pre-encrypted FacexWorm types include: Bitcoin (BTC), Bitcoin Gold (BTG), Bitcoin Cash (BCH), Ethereum Classic (ETC), Ripple (XRP), Dash (DASH), Ethereum (ETH), Litecoin (LTC), Zcash (ZEC), and Monero (XMR).

Currently FacexWorm has been discovered in a number of countries such as Germany, Tunisia, Japan, Taiwan, Korea and Spain, but because of the global capability of this malicious code is huge because Facebook Messenger is one of those The application is widely used around the world.

See more:

1. Appearing dangerous Android malicious code specializing in stealing chat content on Facebook Messenger, Skype .
2. Warning: GandCrab extortionist code is attacking Vietnam
3. Warning of new malware appear like Wannacry, capable of deleting Vietnamese percussion on computer